Usa surveillance tools
Contents
Récupération de l'archive de wikipedia.fr / à retravailler[edit]
The US National Security Agency uses code names to describe its systems, databases, and programs. Aspects of these classified systems have occasionally been the subject of press reports and leaks by whistle blowers, but during the 2013 mass surveillance disclosures, many more of these code names became subjects of public discussion. As analysis and press reporting of documents leaked by Edward Snowden continues, a clearer picture of the nature and relationship between these programs is gradually emerging.
The confused nature of technology companies' initial responses to the disclosure of PRISM suggest that these companies knew it under a different name. It is therefore likely that many or all of these programs have multiple code names that refer to the same thing.
A[edit]
APERIODIC[edit]
SI-ECI compartment related to the BULLRUN program
AQUACADE[edit]
AQUACADE is a class of SIGINT spy satellites (formerly RHYOLITE)
AUNTIE[edit]
SI-ECI compartment related to the BULLRUN program
B[edit]
BEACHHEAD[edit]
Computer exploit delivered by the FERRETCANNON system<ref>Scheier The NSA's New Risk Analysis</ref>
BLARNEY[edit]
BLARNEY (US-984 and US-984X)is a communications surveillance program, started in 1978 and operated under FISA<ref name=fantastico1>Modèle:Cite news</ref> <!--Really screengrabs in the attached video, they are exposed for only a few frames each-->.<ref name="wp_slides">Modèle:Cite news</ref> The collection takes place at top-level telecommunications facilities within the United States, choke points through which most traffic will flow, including wireless. This type of surveillance is referred to as "Upstream Collection." It was first brought to public view in a PRISM slide revealed by Edward Snowden.<ref name="wp_slides"/> <!-- It retains the content of emails, and phone calls made with Internet technology (i.e., VoIP) made within the United States. [May not be specific enough]--> Among the facilities associated with BLARNEY are AT&T's Room 641A in San Francisco, California, revealed in 2006 by Mark Klein, and another in New Jersey. Like its counterparts, BLARNEY was expanded after the September 11 attacks.<ref name=wsj1>Modèle:Cite news</ref> Information collected from BLARNEY is shared with many agencies in the United States, including the CIA, NSA, FBI and DOJ, it is also shared with the Five Eyes and NATO. A number of private companies also have access.<ref name=fantastico1/>
BLUEANCHOR[edit]
Partner providing a network access point for the YACHTSTOP program
BLUEZEPHYR[edit]
Subprogram of OAKSTAR
BOUNDLESS INFORMANT[edit]
Boundless Informant is a big data analysis and data visualization system used by the United States National Security Agency (NSA) to give NSA managers summaries of the NSA's world wide data collection activities.<ref name="guardian1">Modèle:Cite web</ref> It is described in an unclassified, For Official Use Only Frequently Asked Questions (FAQ) memo published by The Guardian.<ref>Modèle:Cite web</ref> According to a Top Secret heat map display also published by The Guardian and produced by the Boundless Informant program, almost 3 billion data elements from inside the United States were captured by the NSA over a 30-day period ending in March 2013.<ref name="guardian1"/> Data analyzed by Boundless Informant includes electronic surveillance program records (DNI) and telephone call metadata records (DNR) stored in an NSA data archive called GM-PLACE. It does not include FISA data, according to the FAQ memo. PRISM, a government codename for a collection effort known officially as US-984XN, which was revealed at the same time as Boundless Informant, is one source of DNR data. According to the map, Boundless Informant summarizes data records from 504 separate DNR and DNI collection sources (SIGADs). In the map, countries that are under surveillance are assigned a color from green, representing least coverage to red, most intensive.<ref>Modèle:Cite web</ref><ref>Modèle:Cite web</ref>
BULLRUN[edit]
Bullrun or BULLRUN is a clandestine, highly classified decryption program run by the United States National Security Agency (NSA).<ref name=register20130905>Modèle:Cite news</ref><ref name="pp20130905">Modèle:Cite news</ref> The British signals intelligence agency Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. Access to the program is limited to a group of top personnel at the Five Eyes (NSA and the signals intelligence agencies of Britain, Canada, Australia, and New Zealand - see UKUSA). Signals that cannot be decrypted with current technology may be retained indefinitely while the agencies continue to attempt to decrypt them.<ref name="pp20130905">Modèle:Cite news</ref>
BYEMAN (BYE)[edit]
BYEMAN is a retired control system covering certain overhead collection systems, including CORONA and OXCART for overhead collection systems (1961-2005), most BYE content was transferred to TK
C[edit]
CANYON[edit]
CANYON is a class of COMINT spy satellites (1968-1977)
COBALTFALCON[edit]
Subprogram of OAKSTAR.
CONTRAOCTAVE[edit]
CONVEYANCE[edit]
Conveyance is a final layer of filtering to reduce the intake of information about Americans, it provides filtering for PRISM and filtering the voice content processed by S3132. The Conveyance's informations are stocked in Nucleon.<ref>| washingtonpost.com "NSA slides explain the PRISM data-collection program"</ref>
CORONA[edit]
CORONA is a series of photographic surveillance satellites (1959-1972)
CRYPTO ENABLED[edit]
collection derived from AO's efforts to enable crypto<ref>[1] La diplomatie Française sur écoute aux États-unis</ref>
D[edit]
DEWSWEEPER[edit]
USB (Universal Serial Bus) hardware host tap that provides COVERT link over US link into a target network. Operates w/RF relay subsystem to provide wireless Bridge into target network.<ref>[2] - Snowden's docs</ref>
DIODE[edit]
Repurposing close-to-target hardware to redirect them to FOXACID servers (back bouncing packets) <ref>Appelbaum: NSA's FoxAcid/Quantum Programs at the european parliament - 10/15/2013</ref>
DROPMIRE[edit]
Dropmire is a secret surveillance programme by the National Security Agency aimed at surveillance of foreign embassies and diplomatic staff, including those of NATO allies. The programme's existence was revealed in June 2013 by whistleblower Edward Snowden in The Guardian newspaper.<ref>New NSA leaks show how US is bugging its European allies, The Guardian, 30 June 2013. Retrieved July 2013.</ref> The report reveals that at least 38 foreign embassies were under surveillance, some of which as far back as 2007.
DRTBOX[edit]
Program for intercepting mobile communication networks.<ref>[3] France in the NSA's crosshair : phone networks under surveillance</ref>
E[edit]
ECHELON[edit]
ECHELON, originally a code-name, is now used in global media and in popular culture to describe a signals intelligence (SIGINT) collection and analysis network operated on behalf of the five signatory states to the UKUSA Security Agreement<ref name=pronunciation>Given the 5 dialects that use the terms, UKUSA can be pronounced from "You-Q-SA" to "Oo-Coo-SA", AUSCANNZUKUS can be pronounced from "Oz-Can-Zuke-Us" to "Orse-Can-Zoo-Cuss".
- From Talk:UKUSA Agreement: Per documents officially released by both the Government Communications Headquarters and the National Security Agency, this agreement is referred to as the UKUSA Agreement. This name is subsequently used by media sources reporting on the story, as written in new references used for the article. The NSA press release provides a pronunciation guide, indicating that "UKUSA" should not be read as two separate entities. (The National Archives) (National Security Agency)</ref>
(Australia, Canada, New Zealand, the United Kingdom, and the United States, referred to by a number of abbreviations, including AUSCANNZUKUS<ref name=pronunciation/> and Five Eyes).<ref>Modèle:Cite web</ref><ref>Google books – Echelon by John O'Neill</ref><ref>Modèle:Cite web</ref> It has also been described as the only software system which controls the download and dissemination of the intercept of commercial satellite trunk communications.<ref name = Bamford>Bamford, James; Body of Secrets, Anchor, ISBN 0-385-49908-6; 2002</ref> It was created to monitor the military and diplomatic communications of the Soviet Union and its Eastern Bloc allies during the Cold War in the early 1960s. By the end of the 20th century, the system referred to as "ECHELON" had evolved beyond its military/diplomatic origins, to also become "... a global system for the interception of private and commercial communications."<ref name = EP>Modèle:Cite web</ref>
The system has been reported in a number of public sources. One of the earliest reports to describe the program, code-named "ECHELON," was the 1988 article, "Somebody's listening" by Duncan Campbell in the New Statesman.<ref>Modèle:Cite news</ref> The program's capabilities and political implications were investigated by a committee of the European Parliament during 2000 and 2001 with a report published in 2001,<ref name="EP"/> and by author James Bamford in his books on the National Security Agency of the United States.<ref name=Bamford/> The European Parliament stated in its report that the term ECHELON is used in a number of contexts, but that the evidence presented indicates that it was the name for a signals intelligence collection system. The report concludes that, on the basis of information presented, ECHELON was capable of interception and content inspection of telephone calls, fax, e-mail and other data traffic globally through the interception of communication bearers including satellite transmission, public switched telephone networks (which once carried most Internet traffic) and microwave links.<ref name = EP/>
EGOTISTICALGIRAFFE (EGGI)[edit]
NSA program for exploiting the TOR network<ref name="theguardian.com">[4]: 'Peeling back the layers of Tor with EgotisticalGiraffe'</ref>
EGOTISTICALGOAT[edit]
(EGGO) - NSA tool for exploiting the TOR network<ref name="theguardian.com"/>
ENDUE[edit]
A COI for sensitive decrypts of the BULLRUN program
ERRONEOUSINGENUITY[edit]
(ERIN) - NSA tool for exploiting the TOR network<ref name="theguardian.com"/>
EVENINGEASEL[edit]
Program for surveillance of phone and text communications from Mexico's cell phone network<ref>[5]: NSA Accessed Mexican President's Email</ref>
EVILOLIVE[edit]
Collects internet traffic and data<ref>[6]: NSA expanded bulk collection of internet data under newly uncovered surveillance programs</ref>
F[edit]
FAIRVIEW[edit]
Fairview' is a secret mass surveillance programme run by the National Security Agency, aimed at collecting phone, internet and e-mail data in bulk from the computers and mobile telephones of foreign countries' citizens.<ref name="globo">EUA espionaram milhões de e-mails e ligações de brasileiros, O Globo, 6 Jul 2013. Retrieved 9 Jul 2013.</ref> According to 2013 revelations by whistleblower Edward Snowden – According to the revelations, the NSA had collected 2.3 billion separate pieces of data from Brazilian users in January 2013 alone.<ref name="globo" />
FOXACID[edit]
FoxAcid identifies Tor users on the Internet and then executes an attack against their Firefox web browser.<ref>Bruce Schneier: How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID</ref><ref>[ArsTechnica<nowiki></nowiki> NSA repeatedly tries to unpeel Tor anonymity and spy on users, memos show]</ref><ref>[Slate.com<nowiki></nowiki> How the NSA Is Trying to Sabotage a U.S. Government-Funded Countersurveillance Tool]</ref>
- finding Tor users via programs codenamed Stormbrew, Fairview, Oakstar and Blarney.
- The NSA creates "fingerprints" that detect HTTP requests from the Tor network to particular servers.
- These fingerprints are loaded into NSA database systems like XKeyscore,
- Using powerful data analysis tools with codenames such as Turbulence, Turmoil and Tumult, the NSA automatically look for Tor connections.
- After the identification, the NSA uses its network of secret Internet servers to redirect those users to another set of secret Internet servers, with the codename FoxAcid, to infect the user's computer.
- Once the computer is successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information back to the NSA.
See Quantum for the Man-in-the-middle.
G[edit]
GENIE[edit]
implants of spywares<ref name="lemonde.fr">[7] la diplomatie française était sur écoute aux Etats-Unis</ref>
H[edit]
HIGHLANDS[edit]
spywares implants <ref name="lemonde.fr"/>
I[edit]
INTRUDER[edit]
INTRUDER is a series of ELINT and COMINT spy satellites (since 2009)
J[edit]
JUGGERNAUT[edit]
Picks up all signals from mobile networks<ref name="spiegel.de">[8] Photo Gallery: NSA Documentation of Spying in Germany</ref>
JUMPSEAT[edit]
JUMPSEAT is a class of SIGINT reconnaissance satellites (1971-1983)
L[edit]
LOPERS[edit]
LOPERS is a software application for Public Switched Telephone Networks<ref name="spiegel.de"/>
M[edit]
MADCAPOCELOT[edit]
Subprogram of STORMBREW - DNI and metadata through XKEYSCORE, PINWALE and MARINA.
MAGNETIC[edit]
sensor collection of magnetic emanations [9] la diplomatie française était sur écoute aux Etats-Unis</ref>
MAGNUM[edit]
MAGNUM is a series of SIGINT spy satellites (since 1985)
MAINWAY[edit]
MAINWAY is a database maintained by the United States' National Security Agency (NSA) containing metadata for hundreds of billions of telephone calls made through the four largest telephone carriers in the United States: AT&T, SBC, BellSouth (all three now called AT&T), and Verizon.<ref name="USA">Modèle:Cite news</ref> The existence of this database and the NSA program that compiled it was unknown to the general public until USA Today broke the story on May 10, 2006.<ref name="USA" /> It is estimated that the database contains over 1.9 trillion call-detail records.<ref name="DemocracyNow">Modèle:Cite web</ref> According to Bloomberg News, the effort began approximately seven months before the September 11, 2001 attacks.<ref>Modèle:Cite news</ref> As of June 2013, the database stores metadata for at least five years.<ref ="ab_week">Modèle:Cite web</ref> The records include detailed call information (caller, receiver, date/time of call, length of call, etc.) for use in traffic analysis<ref name="traffic analysis">Modèle:Cite web "And, by the way, I hate the term 'metadata.' What's wrong with 'traffic analysis,' which is what we've always called that sort of thing?"</ref> and social network analysis,<ref name="social network analysis">Modèle:Cite news "The data are used for 'social network analysis,' the official said, meaning to study how terrorist networks contact each other and how they are tied together."</ref> but do not include audio information or transcripts of the content of the phone calls.
MARINA[edit]
Marina is a metadata database for the National Security Agency (NSA), it aggregates NSA metadata from a large scale of sources. Any computer metadata picked up by NSA is routed in this system. Marina tracks the browser datas, gathering contacts and contents of a user. Marina can look in the last 365 days of DNI such as page request, emails, voice over IP and any packet on the Internet.<ref>| theguardian.com "NSA stores metadata of millions of web users for up to a year, secret files show"</ref>
MENTOR[edit]
MENTOR is a class of SIGINT spy satellites (since 1995)
MINARET[edit]
MINARET is a sister project to Project SHAMROCK (1967-1973) collection from LAN implant
MONKEYROCKET[edit]
Sub-program of OAKSTAR
MOONLIGHTPATH[edit]
Moonlightpath is a Special Sources Operations (SSO) program, maintained by the National Security Agency (NSA), it's a collection program to query metadatas, started in September, 2013 <ref>[10] How the NSA is still harvesting your online data</ref>
MUSCULAR[edit]
MUSCULAR is a tool to exploit the data links from Google and Yahoo, operated jointly by the National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ). They are copying entire data flows across fiber-optic cables that carry information among the data centers.<ref>| NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say</ref>
N[edit]
NUCLEON[edit]
Nucleon is a database maintained by the National Security Agency (NSA) which intercepts telephone calls and routes the spoken words.<ref>| U.S. surveillance architecture includes collection of revealing Internet, phone metadata</ref>
O[edit]
OAKSTAR[edit]
OAKSTAR is an umbrella program involving surveillance of telecommunications, it falls under the category of "upstream collection," meaning that data is pulled directly from fiber-optic cables and top-level communications infrastructure.<ref name=fantastico1>Modèle:Cite news</ref> <!--Really screengrabs in the attached video, they are exposed for only a few frames each--> <ref name="wp_slides">Modèle:Cite news</ref> Upstream collection programs allow access to very high volumes of data, and most of the pre-selection is done by the providers themselves, before the data is passed on to the NSA. The FY 2013 budget for OAKSTAR is $9.41 million.<ref name="WP20130830">Modèle:Cite news</ref> OAKSTAR consists of the following SIGADs:
Designation | Covername | Legal Authority<sup>See Note</sup> | Key Targets | Type of Information collected | Remarks |
---|---|---|---|---|---|
US-3206 (PDDG:6T) | MONKEYROCKET | Executive Order 12333 | Counterterrorism in the Middle East, Europe, and Asia | DNI metadata and content | "Foreign access point," was expected to go online in spring 2012 |
US-3217 (PDDG:MU) | SHIFTINGSHADOW | Afghanistan communications: MTN Afghanistan, Roshan GSM Network, AWCC | DNR metadata and voice; "Timing Advances" and geolocation | "Foreign access point" | |
US-3230 (PDDG:0B) | ORANGECRUSH | "To be determined" | Voice, fax, DNI, DNR, and metadata | "Foreign access point through PRIMECANE, and 3<sup>rd</sup> party partner", not online as of the time of source presentation. | |
US-3247 (PDDG:PJ) | YACHTSHOP | Worldwide DNI Metadata | Worldwide DNI Metadata | "Access through BLUEANCHOR partner," contributor to MARINA | |
US-3251 | ORANGEBLOSSOM | ||||
US-3273 (PDDG:SK) | SILVERZEPHYR | Transit Authority and FAA | South, Central and Latin America | DNR Metadata, voice and fax; DNI content and metadata | "Network access point through STEELKNIGHT partner" |
US-3277 | BLUEZEPHYR | ||||
US-3354 | COBALTFALCON |
OCELOT[edit]
Actual name: MADCAPOCELOT , a sub-program of STORMBREW for collection of internet metadata about Russia and European counterterrorism. MADCAPOCELOT uses DNI from XKEYSCORE, PINWALE and MARINA<ref>[11]</ref>
ORANGEBLOSSOM[edit]
Sub-program of OAKSTAR for collection from an international transit switch (sigad: US-3251)
ORANGECRUSH[edit]
Subprogram of OAKSTAR.
P[edit]
PATHFINDER[edit]
PATHFINDER is a SIGINT analysis tool made by Science Applications International Corporation (SAIC), a new US company headquartered in McLean, Virginia that provides government services and information technology support.
PINWALE[edit]
Pinwale is the code name for an NSA database of archived foreign and domestic e-mails it has collected under its SIGINT efforts. It is searchable by monitored NSA analysts. Its existence was first revealed by an NSA analyst who was trained to use it during 2005.<ref>Modèle:Cite news</ref> However, according to Homeland Security Today, Pinwale has in it much more than email, it also contains other forms of Internet data, and other forms of digital communications as well. Its software has built-in protections against collecting from any of the Five Eyes members. Unlike its successor XKeyscore, targets for PINWALE have to be approved beforehand by the FISC.<ref name=homeland1>Modèle:Cite news</ref>
PRISM[edit]
PRISMis a clandestine mass electronic surveillance data mining program known to have been operated by the United States National Security Agency (NSA) since 2007.<ref name="WaPo1">Modèle:Cite web</ref><ref name="apbraun061513">Modèle:Cite news</ref><!--["Notes" 1]--> PRISM is a government code name for a data-collection effort known officially by the SIGAD Modèle:Nowrap.<ref>Modèle:Cite web</ref><ref>Modèle:Cite web</ref> The Prism program collects stored Internet communications based on demands made to Internet companies such as Google Inc. under Section 702 of the FISA Amendments Act of 2008. The NSA can use these Prism requests to target communications that were encrypted when they traveled across the Internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier,<ref name="WSJ20130821">Modèle:Cite news</ref><ref>Modèle:Cite news</ref> and to get data that is easier to handle, among other things.<ref>Modèle:Cite news</ref> The original Washington Post and Guardian articles reporting on PRISM noted that one of the leaked briefing documents said PRISM involves collection of data "directly from the servers" of several major Internet services providers.:<ref name="GenCoop">Modèle:Cite web</ref>
- Microsoft<ref name="TechCrunch">Modèle:Cite web</ref>
- Yahoo!<ref name="WaPoJune12">Modèle:Cite web</ref>
- Facebook <ref name="TechCrunch" />
- Google<ref name="TechCrunch" /><ref name="WaPoJune12" />
- Apple<ref name="AllThingsD">Modèle:Cite web</ref>
- Dropbox
Q[edit]
QUANTUM[edit]
See FOXACID To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the Internet backbone for a man-in-the-middle (or a man-in-the-side).<ref>Schneier: How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID</ref><ref>[ArsTechnica<nowiki></nowiki> NSA repeatedly tries to unpeel Tor anonymity and spy on users, memos show]</ref><ref>[Slate.com<nowiki></nowiki> How the NSA Is Trying to Sabotage a U.S. Government-Funded Countersurveillance Tool]</ref> The NSA uses these fast Quantum servers to execute a packet injection attack, which surreptitiously redirects the target to the FoxAcid server.<ref>Spiegel.de: Britain's GCHQ Hacked Belgian Telecoms Firm</ref>
R[edit]
RADON[edit]
Bi-directional host tap that can inject Ethernet packets onto the same targets. Allows bi-directional exploitation of Denies networks using standard on-net tools.[12] la diplomatie française était sur écoute aux Etats-Unis</ref>
RAGTIME (RT)[edit]
RAGTIME is the code name of four secret surveillance programs conducted by the National Security Agency (NSA) of the United States. These programs date back to at least 2002<ref name=wapo1>NSA report on privacy violations in the first quarter of 2012, The Washington Post, August 16, 2013, p. 12.</ref> and were revealed in March 2013 in the book "Deep State: Inside the Government Secrecy Industry", by Marc Ambinder and D.B. Grady. These special programs are conducted under the code name RAGTIME (also abbreviated as RT), and are divided into several subcomponents (RAGTIME-A, RAGTIME-B, RAGTIME-C, and RAGTIME-P<ref>Shane Harris, Ragtime: Code name of NSA’s Secret Domestic Intelligence Program Revealed in New Book, February 27, 2013</ref> ). It's said that about 50 companies have provided data to this domestic collection program.
- RAGTIME-A : counterterrorism
- RAGTIME-B :
- RAGTIME-C : counterproliferation actvities (like WMD, nuclear, biological, chemical).
- RAGTIME-P (P -> Patriot act ?) : warantless wiretapping
RAMPART / RAMPART-T[edit]
NSA operational branches that intercept heads of state and their closest aides.<ref>[http://www.spiegel.de/international/world/secret-nsa-documents-show-how-the-us-spies-on-europe-and-the-un-a-918625.html Der Spiegel</ref> Known divisions are RAMPART-A, RAMPART-I and RAMPART-T, which focuses on foreign governments.
RUFF[edit]
Compartment of TALENT KEYHOLE for IMINT satellites
RHYOLITE[edit]
RHYOLITE is a class of SIGINT spy satellites (in 1975 changed to AQUACADE)
S[edit]
SENTINEL[edit]
Sentinel is a National Security Agency (NSA) security filter for SYBASE databases which provides multi-level security down to the row level.<ref>[http://www.nsa.gov/public_info/_files/cryptologs/cryptolog_136.pdf nsa.gov NSA</ref>
SHAMROCK[edit]
Shamrock is an operation for intercepting telegraphic data going in or out the US (1945-1975)
SHELLTRUMPET[edit]
Shelltrumpet is a National Security Agency (NSA) metadata processing program which show the NSA's metadata collection scale <ref>theguardian.com</ref>
SHIFTINGSHADOW[edit]
Subprogram of OAKSTAR.
SILKWORTH[edit]
A software program used for the ECHELON system
SIRE[edit]
A software program used for the ECHELON system
STELLARWIND (STLW)[edit]
Stellar Wind or STELLARWIND is the code name of a Sensitive Compartmented Information security compartment for information collected under the President's Surveillance Program (PSP).<ref name =OIG1>NSA Inspector General report on the President's Surveillance Program, March 24, 2009, page 10, note 3.</ref> This was a program by the United States National Security Agency (NSA) during the presidency of George W. Bush and revealed by Thomas Tamm to the The New York Times in 2008.<ref name="newsweek1">Modèle:Cite news</ref> The program's activities involved data mining of a large database of the communications of American citizens, including e-mail communications, phone conversations, financial transactions, and Internet activity.<ref name="newsweek1"/> William Binney, a retired Technical Leader with the NSA, discussed some of the architectural and operational elements of the program at the 2012 Chaos Communication Congress.<ref name="newsweek2">Modèle:Cite AV media</ref>
STORMBREW[edit]
STORMBREW is a secret internet surveillance program of the National Security Agency (NSA) of the United States. STORMBREW is an umbrella program involving surveillance of telecommunications. It falls under the category of "upstream collection," meaning that data is pulled directly from fiber-optic cables and top-level communications infrastructure. There is also a SIGAD of the same name, which is described as a "key corporate partner." The FY 2013 budget for STORMBREW is $46.06 million.<ref name="WP20130830">Modèle:Cite news</ref> STORMBREW consists of the following SIGADs:
Designation | Covername | Legal Authority<sup>See Note</sup> | Key Targets | Type of Information collected | Remarks |
---|---|---|---|---|---|
US-3140 (PDDG:TM) | MADCAPOCELOT | Executive Order 12333 | The country of Russia and European Terrorism <!--should be very specific, Not Russian Counterterrorism, Russia itself --> | DNI and metadata through XKEYSCORE, PINWALE and MARINA | |
US-983 (PDDG:FL) | STORMBREW | Global | "Key corporate partner with access to international cables, routers, and switches" |
SILVERZEPHYR[edit]
Subprogram of OAKSTAR.
T[edit]
TFTP[edit]
TFTP is "The Terrorist Finance Tracking Program" is a program to access the SWIFT transaction database
THINTREAD[edit]
ThinThread is the name of a project that the United States National Security Agency (NSA) pursued during the 1990s, according to a May 17, 2006 article in The Baltimore Sun.<ref name="Sun">Modèle:Cite web</ref> The program involved wiretapping and sophisticated analysis of the resulting data, but according to the article, the program was discontinued three weeks before the September 11, 2001 attacks due to the changes in priorities and the consolidation of U.S. intelligence authority.<ref>"Obama's Crackdown on Whistleblowers."</ref> The "change in priority" consisted of the decision made by the director of NSA General Michael V. Hayden to go with a concept called Trailblazer, despite the fact that ThinThread was a working prototype that protected the privacy of U.S. citizens. ThinThread was dismissed and replaced by the Trailblazer Project, which lacked the privacy protections.<ref name=physorg1>Modèle:Cite web.</ref> A consortium led by Science Applications International Corporation was awarded a $280 million contract to develop Trailblazer in 2002.<ref name=flib>Modèle:Cite web</ref>
TRAFFICTHIEF[edit]
According to an XKeyscore presentation, TRAFFICTHIEF is a database of "Meta-data from a subset of tasked strong-selectors" <ref name=guardian1>Modèle:Cite news</ref> According to the XKeyscore presentation, a example of a strong selector is an email address. In other words, it would be a database of the metadata associated with names, phone numbers, email addresses, etc., that the intelligence services are specifically targeting. Modèle:Citation needed Marc Ambinder gives what he calls an educated guess: "raw SIGINT viewer for data analysis.".<ref name =atlantic1>Modèle:Cite news</ref>
TRAILBLAZER[edit]
Trailblazer was a United States National Security Agency (NSA) program intended to develop a capability to analyze data carried on communications networks like the Internet. It was intended to track entities using communication methods such as cell phones and e-mail. It ran over budget, failed to accomplish critical goals, and was cancelled.
TRUMPET[edit]
TRUMPET is a series of ELINT reconnaissance satellites (1994-2008)
TURBULENCE[edit]
Turbulence is a United States National Security Agency information-technology project started circa 2005. It was developed in small, inexpensive "test" pieces rather than one grand plan like its failed predecessor, the Trailblazer Project. It also includes offensive cyber-warfare capabilities, like injecting malware into remote computers. The U.S. Congress criticized the project in 2007 for having similar bureaucratic problems as the Trailblazer Project.
TURMOIL[edit]
Turmoil is involved in the process of decrypting communications.<ref name=guardian2>Modèle:Cite news</ref>
TUTELAGE[edit]
Part of the TURBULENCE program
U[edit]
UPSTREAM[edit]
The Upstream program, or Room 641A, is a telecommunication interception facility operated by AT&T for the U.S. National Security Agency that commenced operations in 2003 and was exposed in 2006.<ref name=WiredEvidence>Modèle:Cite journal</ref> <ref name=wired1>Modèle:Cite news</ref>
V[edit]
VAGRANT[edit]
Vagrant is a National Security Agency wiretapping tool which allows to capturing information from screens [13] la diplomatie française était sur écoute aux Etats-Unis</ref>. This information comes from a NSA's top secret internal document.
VORTEX[edit]
VORTEX is a class of SIGINT spy satellites (1978-1989)
X[edit]
XKEYSCORE (XKS)[edit]
XKeyscore (XKS) is a formerly secret computer system used by the United States National Security Agency for searching and analyzing Internet data about foreign nationals across the world. The program is run jointly with other agencies including Australia's Defence Signals Directorate, and New Zealand's Government Communications Security Bureau. XKeyscore is an NSA data-retrieval system which consists of a series of user interfaces, backend databases, servers and software that selects certain types of metadata that the NSA has already collected using other methods.<ref name=WaPo1>Modèle:Cite news</ref><ref name =WaPo2>Modèle:Cite news</ref> According to the published slides, these come from three different sources:<ref name =theweek1>Modèle:Cite news</ref>
- F6, which is the Special Collection Service (SCS), operating from a U.S. embassy or consulate overseas
- FORNSAT, which means "foreign satellite collection", and refers to intercepts from satellites that process data used by other countries
- SSO, which is the Special Source Operations division, the branch of NSA which taps cables, finds microwave paths, and otherwise collects data not generated by F6 or foreign satellites.
According to documents released by The Guardian, the tool has the ability to query, in real time, "strong selectors", such as email, or "soft selectors", such as content .<ref name =Guardian3>Modèle:Cite news</ref> The tool also gives the analyst the abilities to look for "anomalies"; without any specific person attachedModèle:Citation needed, it lists the example of a German speaker in Pakistan as an example of such. It also has the ability to detect encrypted activity such as "all PGP usage in Iran.".<ref name =ars1>Modèle:Cite news</ref> The caveat given is that very broad queries can result in too much data to transmit back to the analyst. The presentation suggests that when something of interest is discovered, that the analyst may request particular items, as required.
Y[edit]
YACHTSHOP[edit]
Subprogram of OAKSTAR.
Uncategorized or insufficiently described[edit]
several Intelligence tools and resources:
- AGILITY, AGILEVIEW, AIRGAP, AIRSTEED, ALPHA, AMBULANT, ANCHORY, AQUADOR, ARGON, ASSOCIATION, AUTOSOURCE,
- BANYAN, BELLTOPPER, BELLVIEW, BINOCULAR, BLACKFOOT, BLACKHEART, BLACKMAGIC, BLACKPEARL, BLACKWATCH, BULLSEYE,
- CADENCE, CANNON LIGHT, CARBOY, CARBOY II, CARILLION, CASPORT, CENTERMASS, CHALKFUN, CHASEFALCON, CHEWSTICK, CHIPPEWA, CIMBRICINEPLEX, CLOUD, COASTLINE, CONTRAOCTAVE, COURIERSKILL, CREDIBLE, CREST, CRISSCROSS,
- DANCINGOASIS, DANGERMOUSE, DARKTHUNDER, DECKPIN, DELTA, DIKTER, DISHFIRE, DRAGONFLY, DRUID, DYNAMO,
- FACELIFT, FALLOUT, FASCIA, FISHBOWL, FOXTRAIL,
- GAMUT, GENTE, GLOBAL BROKER,
- HERCULES, HIGHTIDE, HOMEBASE,
- INTELINK, ISHTAR, IVY BELLS,
- KLONDIKE (KDK),
- LIFESAVER, LITHIUM, LONGHAUL,
- MAGIC LANTERN, MAILORDER, MAIN CORE, MAUI, MESSIAH, METTLESOME, MINERALIZE, MORAY,
- OILSTOCK, OCEAN, OCEANARIUM, OCTAVE, OCTSKYWARD, ONEROOF, OSCAR,
- PLUS, PROTON, PUZZLECUBE,
- SABRE, SEMESTER, SETTEE, SHARKFIN, SKYWRITER, SOLIS, SPHINX, SPINNERET, SPOKE, SPOTBEAM, STEELKNIGHT, STONE, STUMPCURSOR, SURREY,
- TALENT KEYHOLE (TK), TALK, QUICK, TAPERLAY, TAROTCARD, TEMPEST, TREASUREMAP, TRIBUTARY, TRINE, TUNINGFORK, TUSKATTIRE,
- UMBRA, UNIFORM,
- WEALTHYCLUSTER, WRANGLER, WEBCANDID, WHITEBOX,
- XCONCORD,
References[edit]
Modèle:Reflist
Cite error: <ref>
tags exist for a group named ""Notes"", but no corresponding <references group=""Notes""/>
tag was found, or a closing </ref>
is missing